CVE-2017-15887

Summary

An improper restriction of excessive authentication attempts vulnerability in /principals in Synology CardDAV Server before 6.0.7-0085 allows remote attackers to obtain user credentials via a brute-force attack.

Affected Software

VendorProductVersion RangeStatus
SynologySynology CardDAV Serverbefore 6.0.7-0085affected

Weaknesses

  • CWE-307: Improper Restriction of Excessive Authentication Attempts (CWE-307)

ADP Enrichment

CVE Program Container

Additional References

References